Administer > Configure LW-SSO

Configure LW-SSO

  1. Configure all external applications that integrate with the CMS UI with LW-SSO settings. For details about LW-SSO authentication, see the relevant section in the Hardening section of the UCMDB Help.

    Note If you access CMS UI by IP address (not by FQDN), you should add the CMS UI IP address to the UCMDB’s trusted hosts. You can do this from the JMX console. Under LW-SSO Configuration Management, locate the addTrustedIPs method and invoke it using the CMS UI IP address value.

  2. Open the ucmdb_browser_lwsso_config.xml file in the \conf folder in an XML editor and make the following changes:

    • For the domain tag, enter the domain name of the CMS UI (for example, net or domain-name.com).
    • For the value of initString, enter the exact value of initString that is defined for the UCMDB server and is retrieved when performing the procedure described in the section Retrieving Current LW-SSO Configuration in Distributed Environment in the relevant document listed in step 1.

Note  

  • In the case of an embedded CMS UI, configure LW-SSO by going to Administration > Infrastructure Settings Manager > General Settings and configure settings that start with LW-SSO.

  • The UCMDB server name in the ucmdb_browser_config.xml file (under the <host_name> tag) should be the full DNS name (for example ucmdb-server.com).
  • When working with LW-SSO, the URL of the CMS UI should also contain the domain name (for example http://UCMDB-SERVER.com:8088/ucmdb-browser/).
  • When upgrading from UCMDB Browser to CMS UI 2018.05 or later, open the ucmdb_browser_lwsso_config.xml file in the \conf folder, and replace the following lines:

    <logoutURLs>
    <url>.*/logout.jsp.*</url>
    </logoutURLs>

    with:

    <logoutURLs>
    <url>.*/logout*</url>
    </logoutURLs>